DOC-1732: Document managing Schema Registry ACLs in Console

[micheleRP]

Summary

Documents how to manage Schema Registry ACLs (subject and registry resource types) through the Redpanda Console UI. Both edited pages carry // tag::single-source[], so this content lands in both self-managed docs and Cloud with no separate cloud-docs PR needed.

• modules/manage/pages/schema-reg/schema-reg-authorization.adoc — new Manage Schema Registry ACLs in Console section: how to reach ACLs on a user/role detail page, that the Add ACL modal's Resource Type offers Subject and Schema Registry, and a worked subject-ACL example (Subject / Literal / sensor-data-value / Read / Allow).
• modules/manage/pages/security/authorization/acl.adoc — one line on the + Add ACL bullet noting Resource Type includes Subject and Schema Registry for Schema Registry ACLs, with an xref to the SR authorization page.

Context

DOC-1732 was ~80% covered already:

• DOC-2123 documented the atomic ACL UI in Console (Security page, Add ACL modal).
• DOC-1936 documented Schema Registry ACLs for Cloud (authorization on by default; predefined roles carry subject/registry permissions).

The gap was that nothing showed the Add ACL Resource Type list includes the Schema Registry types, with a worked example. This PR fills it.

The Resource Type labels (Subject, Schema Registry) were verified against a live Console build.

This also covers the Console-UI portion of DOC-1866 (self-managed sibling), since the edited pages are single-sourced.

Preview pages

• Schema Registry Authorization (updated)
• Configure Access Control Lists (updated)

Test plan

• Netlify deploy preview renders the new section on the Schema Registry Authorization page and the updated Add ACL bullet on the ACLs page, for both self-managed and Cloud.
• No new broken xrefs (the new xref:manage:schema-reg/schema-reg-authorization.adoc[] resolves in both repos).
• docs-team-standards:review editorial pass.

🤖 Generated with Claude Code

[netlify]

✅ Deploy Preview for redpanda-docs-preview ready!

Name	Link
🔨 Latest commit	cb8629a
🔍 Latest deploy log	https://app.netlify.com/projects/redpanda-docs-preview/deploys/6a3d6ff42c7b3100070038e7
😎 Deploy Preview	https://deploy-preview-1769--redpanda-docs-preview.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 18945dd2-cb92-4b20-9ce2-23b1514941a6

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Added Schema Registry ACL documentation for the UI. The new section explains how to manage ACLs from the Security page, choose Subject or Schema Registry resource types, and follow an example for granting read access to a subject. The shared ACL guidance also now references these Schema Registry resource types and the operations documentation.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• redpanda-data/docs#1694 — Also updates schema-reg-authorization.adoc with Schema Registry ACL management instructions.
• redpanda-data/docs#1332 — Reworks Schema Registry ACL enable/create/manage guidance and examples in the same docs area.
• redpanda-data/docs#1528 — Adds Schema Registry operation definitions referenced by the ACL UI documentation.

Suggested reviewers

• kbatuigas
• deniscoady
• jvorcak

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The pull request description is missing entirely, so none of the required template sections are filled in.	Add the template sections with the Jira ticket, review deadline, page preview links, and the appropriate check checkbox.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly matches the main change: documenting Schema Registry ACL management in Console.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch DOC-1732-console-schema-acls

---

_{Comment @coderabbitai help to get the list of available commands.}

[Feediver1]

PR Review (final-pass against docs-team-standards)

Files reviewed: 2 .adoc files
Overall assessment: Clean, well-scoped doc-gap fill. Prose follows the style guide, the new xref reuses an existing precedent that already builds in both repos, and impact on other files is minimal. No blocking issues — only a few optional refinements.

Jira ticket alignment

DOC-1732 — Addresses the stated gap precisely: showing the Add ACL Resource Type list includes the SR types, with a worked example. Resource Type labels verified against a live Console build per the PR body. Scope matches; no gaps.

Critical issues (must fix)

None. The new xref:manage:schema-reg/schema-reg-authorization.adoc[] in acl.adoc reuses the same pattern already at acl.adoc:140, so it resolves in both docs and cloud-docs. {ui} resolves from antora.yml (ui: Redpanda Console@, overridable in cloud-docs). Everything renders.

Suggestions (should consider)

1. [schema-reg-authorization.adoc:40] Now-stale redirect. The self-managed bullet says "...use {ui} to manage Schema Registry ACLs. See xref:manage:security/authorization/acl.adoc[]." — but there's now a richer local section ~13 lines below. Consider pointing this bullet at the new local section (xref:#manage-schema-registry-acls-in-redpanda-console[]) so readers aren't bounced to acl.adoc and back.

2. [schema-reg-authorization.adoc:62] "see the Supported operations table below" — an anchored xref (xref:#supported-operations[Supported operations]) is more robust than prose "below" and consistent with the rest of the page.

3. [schema-reg-authorization.adoc:55] "After Schema Registry Authorization is enabled..." reads slightly off for the Cloud render, where authorization is on by default (per DOC-1936). The statement is still true, but the conditional framing implies an enabling step Cloud readers don't take. Optional env-gate or reword.

4. [schema-reg-authorization.adoc:53] Heading style consistency: sibling H3 is "How to manage Schema Registry Authorization"; the new one is imperative ("Manage..."). Both valid sentence case — just noting the slight pattern drift.

Impact on other files

• nav.adoc: No change needed — page already in nav (nav.adoc:214); new subsection, not a new page.
• What's New: No entry needed — fills a gap in an existing feature (SR Authorization, v25.2).
• Inbound xrefs: 12+ pages xref schema-reg-authorization.adoc; all remain valid (only a section was added, nothing renamed/moved).

What works well

• Single-source-safe: new xref reuses the proven pattern at acl.adoc:140, so no cross-repo build risk.
• Cross-page consistency: Subject / Schema Registry Resource Type labels match between both edited pages.
• Strong, concrete worked example (Subject / Literal / sensor-data-value / Read / Allow).
• Active voice, second person, present tense, no em dashes throughout.
• Bidirectional cross-linking keeps both entry points discoverable.

🤖 Generated with Claude Code

[Feediver1]

Check out the suggestions